• Instalación y configuración de Sonatype Nexus Repository (v3) en entorno Linux (on‑prem o cloud, según se defina). • Configuración de repositorios: Maven (hosted, proxy, group). npm (hosted y proxy). • Opcional: Docker registry (hosted y/o proxy), si hay experiencia. • Configuración como servicio (systemd), logs, backup básico y tareas de limpieza (cleanup policies). • Definición de usuarios, roles y permisos (desarrolladores, CI/CD, administración). • Integración mínima con CI/CD (Jenkins / GitLab CI / GitHub Actions, según stack del cliente). • Documentación para el equipo del cliente (guía de uso y operación básica).

• Own & Evolve Security Standards - Take ownership of security standards across Phorest, ensuring they are practical, up-to-date, and consistently applied. Continuously improve them in line with evolving threats, business needs, and industry best practice. • Protect Our Cloud & Infrastructure - Configure, maintain, and optimise security tooling across our AWS environment. Lead threat monitoring, improve alert quality, and proactively identify gaps in our security coverage. • Drive Risk Reduction - Lead security assessments across infrastructure and applications. Prioritise vulnerabilities based on risk and work closely with teams to ensure effective remediation. Facilitate threat modelling to catch risks early in the development lifecycle. • Embed Security into Engineering (Shift-Left) - Partner with engineering teams to integrate security into CI/CD pipelines and development workflows — enabling secure-by-default practices without slowing delivery. • Incident Response & Triage - Lead the triage and analysis of security alerts and incidents. Provide clear guidance on remediation and identify patterns to reduce recurring risks. • Be a Trusted Security Partner - Act as a go-to security point of contact across the business. Support teams in making secure decisions, balancing risk with practicality and speed. • Build Security Awareness & Culture - Contribute to internal security education and secure coding initiatives, helping teams understand not just the “what” but the “why” behind security. • Continuously Improve Our Security Posture - Identify opportunities to strengthen our tools, processes, and ways of working — and take ownership of driving those improvements forward.

• Own and evolve the GitLab ecosystem and CI/CD platform. • Collaborate closely with development, QA, security, and operations teams to build automated deployment pipelines. • Administer and govern GitLab repositories including access controls and permissions. • Design and implement GitLab CI/CD pipelines. • Configure and manage GitLab Runners. • Standardize release management and artifact lifecycle. • Embed DevSecOps practices in pipelines. • Automate infrastructure provisioning across OpenShift and Kubernetes. • Implement monitoring solutions using Prometheus and Grafana.

• Design, build, and operate core platform components for the client • Develop and maintain Infrastructure as Code and platform standards • Deliver reusable “golden paths” and automation for multiple teams • Support multi-account cloud architecture and governance setup • Enable secure cross-account access and deployment mechanisms • Build CI/CD pipelines and developer self-service capabilities • Operate container platforms and cloud networking components • Provide observability, logging, and platform reliability solutions